我试图使登录页面在php。如果信息是正确的,它应该导航到"main.php",如果信息是false,它应该导航到"accessdenied.php"。但是,页面卡在checkauth.php.
所以过程是这样的:
- index.php <-用户输入信息并按登录
- checkauth.php <-连接数据库并检查表信息是否正确[卡在此页上]
- 应该去main.php或 accessdened .php,它永远不会到达这两个页面。
文件名: checkauth.php
<?php
$username= $_POST['username']; //usernamefrom index.php
$password = $_POST['password']; //password from index.php
if ($password)
{
$connect = mysql_connect("localhost","username","password") or die("Error Connecting To MYSQL Server");
mysql_select_db("DB") or die("Error connecting to database");
$query = mysql_query("SELECT * FROM TBL WHERE username = '$username' AND password = '$password'");
$numrows = mysql_num_rows($query);
if ($numrows != 0)
{
header( 'location: main.php' ) ;
}
else
header( 'Location: accessdenied.php' ) ;
}
?>
请建议。
必须传递像
这样的连接对象mysql_select_db("DB",$connect) or die("Error connecting to database");
MySQL 是弃用。尝试使用 MySQLi :
<?php
/* ESTABLISH YOUR CONNECTION */
$connect=mysqli_connect("localhost","username","password","DB");
if(mysqli_connect_errno()){
echo "Error".mysqli_connect_error();
}
/* YOU SHOULD PRACTICE USING MYSQLI_REAL_ESCAPE_STRING TO PREVENT SOME SQL INJECTIONS */
$username=mysqli_real_escape_string($connect,$_POST['username']); /* usernamefrom index.php */
$password=mysqli_real_escape_string($connect,$_POST['password']); /* password from index.php */
$query = mysqli_query($connect,"SELECT * FROM TBL WHERE username = '$username' AND password = '$password'");
$numrows = mysqli_num_rows($query); /* STORE THE TOTAL NUMBER QUERY IN $numrows VARIABLE */
if ($numrows != 0)
{
header( 'location: main.php' ) ;
}
else
header( 'Location: accessdenied.php' ) ;
}
?>